Critical Alert: Fortinet Highlights New FortiManager Flaw Utilized in Latest Zero-Day Attacks

Critical Alert: Fortinet Highlights New FortiManager Flaw Utilized in Latest Zero-Day Attacks

Fortinet Warns of New Critical FortiManager Flaw Used in Zero-Day Attacks

In a statement released today, cybersecurity giant Fortinet has publicly disclosed a critical vulnerability in its FortiManager API system.

This vulnerability, tracked as CVE-2024-47575, is causing waves in the cybersecurity community as it has been exploited in zero-day attacks to access and exfiltrate sensitive files.

These include configurations, IP addresses, and credentials for managed devices.

An Unsettling Discovery

Researchers discovered that malevolent actors could manipulate an API endpoint in the FortiManager system, enabling them to bypass security measures and access highly confidential information.

This constitutes a significant escalation in the level of threats posed by software flaws and raises concerns about data integrity in organizations using Fortinet’s solutions.

A Critical Classification

The Common Vulnerability Scoring System (CVSS), an industry standard for assessing the severity of computer system security vulnerabilities, has assigned the CVE-2024-47575 an alarming 9.4 out of 10 — an explicit indication of its critical severity.

The Response

Fortinet acted promptly to mitigate the issue.

The software patch released to address this flaw (FortiManager version 7.0.1), inhibits any unauthorized individual’s ability to access the data.

Fortinet advises users running older versions of the software to update immediately to the latest patched versions to safeguard their systems.

Advice for Prevention

While Fortinet took a significant first step in releasing the patch, cybersecurity professionals advise further steps for maximum security.

The timely application of updates and patches, coupled with enhancing endpoint security, and strict control of user permissions, can vastly reduce the risk of future exploitation.

Historical Relevance

This is not the first time Fortinet has been targeted.

Similar zero-day attacks took place last year involving the FortiGate SSL VPN product.

Proactive actions, such as routine audits of system permissions, continuous monitoring, and swift incident response played a critical role in preventing widespread damage.

Follow-Up Reading

AegisLens

Stay ahead of cyber threats with AegisLens. Get real-time CVE updates, expert insights, and tools to secure your world. #CyberSecurity #ThreatIntel #Infosec

Leave a Reply